From e1c7ef7a94677598f4a87523d54b6e9a9a4abfbc Mon Sep 17 00:00:00 2001 From: Matthias Date: Thu, 25 Aug 2022 17:53:12 +0200 Subject: [PATCH] Completed backend of profile page --- src/controller/auth.ts | 48 +++++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/src/controller/auth.ts b/src/controller/auth.ts index a4fa3c8..19b74cf 100644 --- a/src/controller/auth.ts +++ b/src/controller/auth.ts @@ -15,7 +15,7 @@ import { import { AuthService } from '../services/auth'; import { AuthGuard } from '@nestjs/passport'; import { Public } from '../authguards'; -import { Responses, Requests } from 'dto'; +import { Requests, Responses } from 'dto'; import { tfaTypes } from '../entities'; import { toDataURL } from 'qrcode'; import * as base32 from 'thirty-two'; @@ -48,12 +48,22 @@ export default class AuthController { ); } - async tfa( - req, - code: string, - type: tfaTypes + @Post('2fa/disable') + async tfaDisable( + @Request() req + ): Promise { + await this.authService.setTfaType(req.user, tfaTypes.NONE); + await this.authService.revokeAll(req.user); + return new Responses.Auth.RemoveTfaResponse(); + } + + @Post('2fa/complete') + async tfaMail( + @Request() req, + @Body(new ValidationPipe()) data: Requests.Auth.TfaComplete ): Promise { - if (!(await this.authService.verifyTfa(req.user, code, type))) { + const type = data.mail ? tfaTypes.EMAIL : tfaTypes.TOTP; + if (!(await this.authService.verifyTfa(req.user, data.code, type))) { throw new UnauthorizedException('Incorrect 2fa'); } await this.authService.setTfaType(req.user, type); @@ -61,23 +71,7 @@ export default class AuthController { return new Responses.Auth.TfaCompletedResponse(); } - @Post('2fa/complete/mail') - async tfaMail( - @Request() req, - @Body(new ValidationPipe()) data: Requests.Auth.TfaComplete - ): Promise { - return await this.tfa(req, data.code, tfaTypes.EMAIL); - } - - @Post('2fa/complete/totp') - async tfaTotp( - @Request() req, - @Body(new ValidationPipe()) data: Requests.Auth.TfaComplete - ): Promise { - return await this.tfa(req, data.code, tfaTypes.TOTP); - } - - @Get('2fa/setup') + @Post('2fa/setup') async setupTotp( @Request() req, @Body(new ValidationPipe()) data: Requests.Auth.TfaSetup @@ -93,7 +87,7 @@ export default class AuthController { .encode(secret) .toString()}&issuer=MFileserver` ), - secret + base32.encode(secret).toString() ); } @@ -147,4 +141,10 @@ export default class AuthController { ); return new Responses.Auth.ChangePasswordResponse(); } + + @Post('logout_all') + async logoutAll(@Request() req): Promise { + await this.authService.revokeAll(req.user); + return new Responses.Auth.LogoutAllResponse(); + } }